
Maxim Kolomeets
Newcastle University | NCL · School of Computing Science
Doctor of Philosophy
Currently: AGENCY project - assuring citizen agency in a world with complex online harms.
Publications: 47
Reads: 7,669
Citations: 249
Introduction
I am interested in exploring how AI can potentially enhance malicious activities from a computer science and cybersecurity standpoint. Additionally, I focus on topics such as smart home security, risk analysis, and data visualization. My primary approach involves utilizing techniques from information security, machine learning, network science, statistics, and risk analysis. At the moment, I’m researching security aspects related to disinformation, smart homes, and digital identity.
Additional affiliations
November 2022 - July 2023
September 2021 - November 2022
International Digital Forensics Center (IDFC)
Position
- External expert
Description
- Investigations in the field of cybersecurity, including digital forensics, security data visualization, network security and defence of social media.
September 2019 - November 2022
Huawei
Position
- Researcher
Description
- R&D in cybersecurity, including risk analysis of network security based on attack graphs, anomaly and cyber attack detection in container systems and network traffic based on Machine Learning, and privacy risk assessment based on Natural Language Processing.
Education
September 2018 - August 2021
September 2017 - August 2021
September 2011 - August 2017
Publications (47)
Background:
Technological advances in the smart home have created new opportunities for supporting digital citizens’ well-being and facilitating their empowerment but have enabled new types of complex online harms to develop. Recent statistics have indicated that ‘smart’ technology ownership increases yearly, driven by lower costs and increased acc...
Currently, the methods and means of human–machine interaction and visualization as its integral part are being increasingly developed. In various fields of scientific knowledge and technology, there is a need to find and select the most effective visualization models for various types of data, as well as to develop automation tools for the process...
Journal "Труды учебных заведений связи" / "Proceedings of Telecommunication Universities" (in Russian): The paper presents a parameterization of malicious bots using metrics that can serve as a basis for building models for recognizing bot parameters and for qualitative analysis of attack characteristics in social networks. A number of metrics are proposed for descri...
In this paper, we propose metrics for malicious bots that provide a qualitative estimation of a bot type involved in the attack in social media: price, bot-trader type, normalized bot quality, speed, survival rate, and several variations of Trust metric. The proposed concept is that after one detects bots, they can measure bot metrics that help to...
On March 29, 2023, the UK Government released a white paper outlining its plans to implement a pro-innovation approach to Artificial Intelligence (AI) regulation and strengthen the UK's position as a global leader in AI.
As part of the white paper, the government has developed five key principles to guide regulators. These principles encompass saf...
Journal: "Информатизация и Связь" / "Informatization and communication" (in Russian): Problem statement: the intelligent environment of a smart city includes many interfaces of various kinds, many of which are exposed to a range of cyber-physical attacks and information security threats. At the same time, unmanned transport technologies are actively developing, and...
In this paper, we present the technique for investigating attacks on a company's reputation on a social media platform as a part of an arsenal of digital forensics investigators. The technique consists of several methods, including (1) identifying the attack based on sentiment analysis, (2) identifying the actors of the attack, (3) determining the...
Journal "Вопросы кибербезопасности" / Cybersecurity issues journal (in Russian): Purpose of the article: to resolve the contradiction between the existing need for a set of simple and clear indicators of information and personal data security for users of Internet of Things devices and their manufacturers, and the absence of such a set that combines inter...
In this paper, we propose an approach for anomaly and attack detection based on the analysis of kernel logs obtained with enhanced Berkeley Packet Filter (eBPF). Based on the logs we generate white and blacklists in the form of rules for detection, that in comparison with machine learning models can be interpreted and adjusted by a specialist. In the paper we...
As the impact of social services is continuously growing, there is an increase in various security threats that can use social bots. At the same time, existing social threat taxonomies leverage suspicious actions of account or behavioral patterns. As a result, known threat classifications are almost always unrelated to bot classifications. In this pape...
Social media bot detection and bot combating is a novel cybersecurity area due to malicious bots being used in various attack scenarios, such as fraud, misinformation, control of malware-based botnets, reputation hacks, and other malicious activity. Meanwhile, most of the existing bot detection solutions are based on supervised machine learning me...
Wide application of IoT devices together with the growth of cyber attacks against them creates a need for a simple and clear system of security metrics for the end users and producers that will allow them to understand how secure their IoT devices are and to compare these devices with each other, as well as to enhance the security of the devices. T...
In this thesis, we propose machine learning techniques for detecting and characterizing malicious bots in social networks. The novelty of these techniques is that only interaction patterns of friends of analysed accounts are used as the source data to detect bots. The proposed techniques have a number of novel advantages. There is no need to downlo...
The connectivity of autonomous vehicles induces new attack surfaces and thus the demand for sophisticated cybersecurity management. Thus, it is important to ensure that in-vehicle network monitoring includes the ability to accurately detect intrusive behavior and analyze cyberattacks from vehicle data and vehicle logs in a privacy-friendly manner. For...
In this paper, we propose a machine learning approach to detecting malicious bots on the VKontakte social network. The advantage of this approach is that only the friends graph is used as the source data to detect bots. Thus, there is no need to download a large amount of text and media data, which are highly language-dependent. Besides, the appro...
Social media bots can pose a serious threat by manipulating public opinion. Attempts to detect bots on social networks have resulted in bots becoming more sophisticated. A wide variety of types of bots has appeared, which must be taken into account when developing methods for detecting them. In this paper, we present the classification of the types...
The paper considers the task of bot detection in social networks. The study is focused on the case when the account is closed by the privacy settings, and the bot needs to be identified by the friend list. The paper proposes a solution that is based on machine learning and statistical methods. Social network VKontakte is used as a data source.
The pape...
Journal "Вопросы кибербезопасности" / Cybersecurity issues journal (in Russian): Purpose of the article: to identify and systematize the areas and tasks of information security that are solved using visual analytics methods, and to analyze the visualization models used and their properties that affect the operator's perception of data. Research method: system an...
Journal "Вопросы кибербезопасности" / Cybersecurity issues journal (in Russian): Purpose of the article: to systematize methods for evaluating the effectiveness of information security data visualization and to comparatively evaluate visualization methods by area of application. Research method: system analysis of relevant works in the field of visualization effectiveness evaluation. Object...
(In Russian) The results of experiments testing the perception of 12 visualization components in virtual reality, based on blind testing of 20 users, are presented. Testing was performed using an HTC Vive virtual reality headset and controllers. The speed and accuracy of perception were evaluated for the visualization of 9 numerical and 3...
The paper considers the task of bot detection in social networks. It checks the hypothesis that bots break Benford’s law much more often than users, so one can identify them. A bot detection approach is proposed based on experiments where the test results for bot datasets of different classes and real-user datasets of different communities are eva...
In modern means of mobile Internet security, including those based on touch screens, various visualization models are used. However, with the increasing complexity of these models, the requirements for models of user interaction with visualization change, the need for their adaptability increases. The article proposes an adaptive approach to the fo...
Unmanned private and public transport may be susceptible to attacks through various interfaces including networks and physical sensors. With the spread of smart transport and the urban environment that can interact with vehicles, such threats will become increasingly relevant. The paper presents the overview of current cases of attacks on the conne...
The paper presents a hybrid approach to social network analysis for obtaining information on suspicious user profiles. The offered approach is based on integration of statistical techniques, data mining and visual analysis. The advantage of the proposed approach is that it needs limited kinds of social network data (“likes” in groups and links betw...
The paper discusses the use of virtual (VR) and augmented (AR) reality for visual analytics in information security. Paper answers two questions: “In which areas of information security visualization VR/AR can be useful?” and “What is the difference of the VR/AR from similar methods of visualization at the level of perception of information?”. The...
The paper investigates an approach for communicative leaders selection in social network. The hypothesis is that the analysis of these leaders is enough for social network community evaluation. The approach for the communicative leaders is proposed. Experiments with several groups in VKontakte network are performed and presented.
Journal "Вопросы кибербезопасности" / Cybersecurity issues journal (in Russian): Purpose of the article: to develop an approach to creating adaptive touch-screen-based interfaces for information security applications. Research method: system analysis of current "best practices" for creating gesture and graphical interfaces, development of own...
When analyzing social networks, graph data structures are often used. Such graphs may have a complex structure that makes their operational analysis difficult or even impossible. This paper discusses the key problems that researchers face in the field of processing big graphs in that particular area. The paper proposes a reference architecture for s...
The development of social networks made it possible to form very complex structures of users and their content. As new services are added for users, the number of vertex types and edge types increase in the social network graph. Such structural increase opens up new opportunities for analysis. It becomes possible to obtain information about users,...
The paper proposes an approach for visualization of access control systems based on triangular matrices. The approach is used for visualization of access control security model that is based on methods of RBAC and Take-Grant. In comparison with regular access matrices, the sparseness of triangular matrices is less, and the approach is able to visualize nest...
The paper describes Voronoi Maps – a new technique for visualizing sensor networks that can be reduced to planar graph. Visualization in the form of Voronoi Maps as well as TreeMaps provides a great use of screen space, and at the same time allows us to visualize planar non-hierarchical decentralized topology. The paper provides an overview of existin...
An increasing amount of cyber-physical systems within modern cars, such as sensors, actuators, and their electronic control units are connected by in-vehicle networks and these in turn are connected to the evolving Internet of vehicles in order to provide “smart” features such as automatic driving assistance. The controller area network bus is comm...
(In Russian) A technique for visualizing cybersecurity metrics is proposed to support decision-making in risk analysis and countermeasure selection. The technique is used to select suitable visualization models for a predefined set of security metrics and to create custom visualization models. A list of security metrics is given,...
The paper proposes a data visualizing technique for analyzing social networks in order to identify and counteract inappropriate, dubious and harmful information. The proposed technique is based on the force-layout technique of drawing graphs in which the parameters of vertices and edges are calculated depending on the number of links. The paper pro...
An increasing amount of cyber-physical systems within modern cars, such as sensors, actuators, and their electronic control units are connected by in-vehicle networks and these in turn are connected to the evolving Internet of vehicles in order to provide "smart" features such as automatic driving assistance. The controller area network bus is comm...
In the paper, we propose a technique and means of visual analytics for network forensic investigation. It is assumed that experts will be able to decrease the time required for analysis and for creation of easy readable evidences, timelines and presentation for the court. Also based on an example of account theft cyber-attack investigation the tech...
Network forensics is based on the analysis of network traffic. Traffic analysis is a routine procedure, but it allows one to not only identify the cause of the security breach, but also step by step to recreate the whole picture of what happened. To analyze the traffic, investigators usually use Wireshark, a software that has the graphical interfac...
The CAN bus protocol is used in modern vehicles to control dozens of devices. It is simple enough, but this protocol lacks security mechanisms, and that is one of the main reasons that the entire vehicle is vulnerable for different cyber-physical attacks. Therefore, the detection and counteraction against such attacks on the CAN bus protocol is an im...
This paper aims at finding an optimal visualization model for representation and analysis of security related data, for example, security metrics, security incidents and cyber attack countermeasures. The classification of the most important security metrics and their characteristics that are important for their visualization are considered. The pap...
This paper aims at finding optimal visualization models for representation and analysis of security related data, for example, security metrics, security incidents and cyber attack countermeasures. The classification of the most important security metrics and their characteristics that are important for their visualization are considered. The paper...
(In Russian) A technique has been developed for visualizing computer network topology data for security monitoring used in SIEM systems, as well as in systems for monitoring computer networks and network activity. The technique is based on the ratio between perception efficiency and the informativeness of the displayed data. The technique takes into account possible models...
From the information security point of view, embedded devices are elements of complex cyber-physical systems operating in a potentially hostile environment. Therefore, the development of such devices is a complex task that often requires expert solutions. The complexity of the task of developing secure embedded devices is caused by vari...
In this paper we propose an approach to the development of the computer network visualization system for security monitoring, which uses a conceptually new model of graphic visualization that is similar to the Voronoi diagrams. The proposed graphical model uses the size, color and opacity of the cell to display host parameters. The paper describes...
The paper presents the results of research devoted to the development of a unified flexible visualization system for security monitoring of computer networks used in the SIEM systems. The developed models and technique of visualization are used for selection of methods of data collection, normalization, preprocessing and representation. The indivi...
From information security point of view embedded devices are the elements of complex systems operating in a potentially hostile environment. Therefore development of embedded devices is a complex task that often requires expert solutions. The complexity of the task of developing secure embedded devices is caused by various types of threats and atta...
(In Russian) The article considers the main methodological primitives using the example of the step-by-step construction of a visualization model with pre-prepared data, with the aim of forming a comprehensive view of the model creation process and the aspects that affect it. A classification of the primitives and their relationships to one another, according to the stages of model construction, is given...
The paper considers common methodological primitives for phased construction of data visualization models, which will help to create new graphical models of data security visualization, or will help to show advantages and disadvantages of existing models. The paper also considers examples of graphical models and additional tools, which allow to wo...